Preassessment

Question 1

Which type of ethernet cable can maintain 10 Gbps transmission speeds through the course of its maximum 100-meter length?

Answer 1

Cat 6a

Question 2

Which internet access technology uses ordinary telephone wires for data transmission?

Answer 2

DSL

Question 3

Which device is used to organize network cables as they run between switches and other network devices??

Answer 3

Patch panel

Question 4

Which network device is used to connect two or more network segments by performing OSI layer 3 functions like packet forwarding?

Answer 4

Router

Question 5

Which network device is used to convert between digital information from my LAN and analog signals for transmission over a standard telephone wire?

Answer 5

Modem

Question 6

Which device could be used to send commands to the mainframe for remote execution in early mainframe installations?

Answer 6

Dumb terminals

Question 7

Which device is responsible for implementing network address translation?

Answer 7

Router

Question 8

Which OSI layer is related to the function of the IP protocol suite?

Answer 8

Network

Question 9

Which OSI layer is responsible for organizing how bits are passed over the physical layer between devices within the same collision domain?

Answer 9

Data link

Question 10

Which OSI layer would define the scope of a protocol that makes sure packets of data are received correctly and resends them if they are not?

Answer 10

Transport

Question 11

Which protocol suite performs functions of OSI layer 4?

Answer 11

TCP

Question 12

Which command should be used to manually enter the default gateway for a computer?

Answer 12

route

Question 13

Which network diagnostic tool displays the path packets take between two endpoints?

Answer 13

traceroute

Question 14

Which network type is used to wire multiple PCs to a home router?

Answer 14

LAN

Question 15

An office’s infrastructure connects network devices and printers through a central access point without the use of cabling. Which network type does this office use?

Answer 15

WLAN

Question 16

What type of medium is commonly used within a 1,000 Mbps Ethernet network?

Answer 16

CAT5e

Question 17

Which network topology is being implemented when each node connects to exactly two other nodes forming a single continuous pathway for signals through each node?

Answer 17

Ring

Question 18

In which physical LAN topology are nodes connected to each other with a backbone cable that loops around and ends at the same point it started?

Answer 18

Ring

Question 19

Which cloud service provides hardware, operating systems and web servers but not end user applications?

Answer 19

IaaS

Question 20

Which cloud model provides an exclusive cloud computing service environment that is shared between two or more organizations?

Answer 20

Community

Question 21

Which type of software is used to provide virtualization?

Answer 21

Hypervisor

Question 22

Which OSI layer ensures error-free packets?

Answer 22

Transport

Question 23

Which topology uses a switch or hub to connect to all devices in the same network?

Answer 23

Star

Question 24

A user that does not want to be identified while communicating on a network uses an application to alter the computers identity. Which type of exploit is being perpetrated?

Answer 24

Spoofing

Question 25

An attacker attempts to misdirect traffic on a network back to the attacker by corrupting the network computers cache of IP addresses to MAC address mappings that are cached. Which exploit is the attacker perpetrating?

Answer 25

ARP Poisoning

Question 26

Which exploit actually breaches the physical medium or uses devices to monitor signals from outside the physical medium itself?

Answer 26

Wire tapping

Question 27

Which type of attack can overwhelm a web server by inserting more data into a web form then the system was configured to hold?

Answer 27

Buffer overflow

Question 28

Which type of attack sends an email claiming to be from a reputable business in order to entice the recipient to provide sensitive information?

Answer 28

Phishing

Question 29

A user on a network is planning to launch an exploit against a co-worker in a neighboring department. The user needs to identify the IP address of a co-worker in the desired department. Which tool or utility will allow the user to watch network traffic in real time to identify a target?

Answer 29

Sniffer

Question 30

Which group of attackers is typically used for penetration testing?

Answer 30

Red team

Question 31

Which type of attack exploits an unpatched software vulnerability?

Answer 31

Zero day

Question 32

A company has the policy that all new user passwords are P@ssw0rd but does not require new users to change their password. An employee randomly tries a co-worker's account with the new user password to see if they can log in as the co-worker. Which type of vulnerability does this create?

Answer 32

Default password

Question 33

An employee that does not want to miss emails from important clients sets up her cellular smartphone to allow her to check her email. Unfortunately, she does not install antivirus software on the cell phone. What type of vulnerability is represented?

Answer 33

BYOD/Mobile

Question 34

What is the definition of vulnerability in computer security?

Answer 34

It is a weakness which can be exploited by a threat such as an attacker to perform unauthorized actions within a computer system

Question 35

What is required to establish a secure connection to a remote network over an insecure link?

Answer 35

Virtual private network (VPN) service

Question 36

An organization is concerned about brute force attacks. How should the organization counter this risk?

Answer 36

Institute a login policy that locks users out of an account after three failed password attempts

Question 37

An organization suffers a social engineering attack that results in a cyber criminal gaining access to its networks and to its customers private information. How can the organization mitigate this risk in the future?

Answer 37

Provide regular cyber security training for employees

Question 38

An attacker plans to exploit flaws in an operating system to gain access to a user's computer system. What is a prevention mechanism for this type of attack?

Answer 38

Patching

Question 39

An unauthorized third party has gained access to a company network. How can they be prevented from deleting data?

Answer 39

Access controls

Question 40

An attacker has gained access to the passwords of several employees of a company through a brute force attack, which authentication method would keep the attacker from accessing the employees devices

Answer 40

Multi-factor authentication (MFA)

Question 41

After downloading a CD burning program, a user notices that someone is remotely accessing the computer during night time hours. Which type of malware is likely found in the CD software?

Answer 41

Trojan horse

Question 42

A user is working on a home computer. When another user seems to open an application to view documents on the same computer, the user immediately suspects that a back door into the computer exists. Which action should be taken first to deal with the problem?

Answer 42

Unplug the PC's network connection

Question 43

A user receives an email from an unknown bank saying that the user's account with the bank has been compromised. The user suspects this is a phishing exploit. How should the user safely proceed?

Answer 43

Open a new browser page, navigate to the bank's website and acquire legitimate contact information to report the email

Question 44

A malicious user was able to lock a user's account after guessing the user's password multiple times unsuccessfully. Which category of the CIA triad did the malicious user target in this attack?

Answer 44

Availability?

Question 45

Which category of the CIA triad is affected when an unauthorized user changes the data within a read-only file?

Answer 45

Integrity

Question 46

An analyst has identified an active denial of service attack. Which category of the CIA triad is affected?

Answer 46

Availability

Question 47

While investigating a security incident, a technician discovers an unauthorized packet capturing tool on the network. Which category of the CIA triad is being attacked?

Answer 47

Confidentiality

Question 48

Which type of firewall initiates a new connection on behalf of the client and presents its own IP to the server when a client initiates a connection to a server?

Answer 48

Circuit level

Question 49

Which feature of a firewall allows an organization to use private non-routable networks while enabling communication to the internet?

Answer 49

Port address translation (PAT)

Question 50

What is the meaning of "state" when referring to stateful inspection in firewalls?

Answer 50

It refers to the connection state of a conversation between two computers

Question 51

What can I use or install to detect malicious software?

Answer 51

Antivirus

Question 52

Which feature of a network intrusion prevention system uses a list of known bad IP addresses to protect the network?

Answer 52

Reputation-based prevention

Question 53

Which attack tricks a client into mapping an IP address to a spoofed MAC address?

Answer 53

ARP spoofing

Question 54

Which type of port has access to all VLANs by default in a traditional two layer switch?

Answer 54

Trunk

Question 55

A company provides access to employees, tax and personal information via a public facing web portal. What should the company implement to encrypt employees web access to this information?

Answer 55

Transport layer security (TLS)

Question 56

Which cloud feature is used to prevent data loss and provide for data retrieval in the event of a disaster?

Answer 56

Data backups and archives

Question 57

Which cloud hosting model provides exclusive cloud access for a single company?

Answer 57

Private

Question 58

What should a cloud provider use to secure data in flight?

Answer 58

Private key encryption

Question 59

Which type of wireless security protocol is the most secure?

Answer 59

WPA2 + AES

Question 60

Which statement is true when comparing AES encryption to Triple DES (3DES)

Answer 60

AES requires less CPU utilization and uses a larger block size than 3DES

Question 61

What is the best defense against fake access attacks?

Answer 61

Never use unsecured Wi-Fi hotspots

Question 62

Which network device is usually placed in line between the trusted network and an untrusted network?

Answer 62

Firewall

Question 63

Which type of firewall technology reads and analyzes the actual content of a message before forwarding to its destination?

Answer 63

Proxy servers

Question 64

An organization's IT department is concerned that malicious insiders may be using elevated access rights. Which security control can be used to draw attacks away from critical systems?

Answer 64

Honey pots

Question 65

What is end to end encryption?

Answer 65

Data is encrypted on the sender system and only the recipient is able to decrypt it

Question 66

Which phrase describes unencrypted data?

Answer 66

In the clear

Question 67

An administrator fails to configure protection for usernames and passwords transmitted across the network. Which component of the AAA model is weakened?

Answer 67

Authentication

Question 68

A user is mistakenly granted access to customer accounts not required for his duties. Which component of the AAA model is violated?

Answer 68

Authorization